This page contains community contributed work and experiences. Please add a child page and link it into the list below.
Table of Contents
AD Silver Cookbook - Alignment of institutional Active Directory with InCommon Silver
Multi-factor Considerations - Using multi-factor authentication to address InCommon Silver requirements
Remote-Proofing Approaches - Approaches under consideration by Silver-aspiring schools.
Documentation Examples - Examples of documentation for demonstrating IAP compliance.
Certified Identity Provider Organizations
Virginia Tech: Assurance Implementation Example
- Virginia Tech InterOp Testing
- Preliminary Information on IdP Configuration from Virginia Tech's Interop Testing (Scroll down to Assurance section)
- VT Assurance Testing
University of Chicago, "The Chicago Approach to Identity Assurance" (PDF) presented by Dave Langenberg at Identity Week 2013
- Harvard University Executive Summary: Setting a Standard for Both Security and Convenience
- Harvard University Bronze Self Certification document
- IdDB and LDAP Specifics Determining "Member of Community” Status
University of Nebraska Medical Center (UNMC)
University of Maryland Baltimore County (UMBC)
- UMBC Management Assertions/Gap Analysis (Google Doc)
- UMBC Retriever Community (IdM system) Overview (Google Doc)
- UMBC uses DUO for Two-Factor Authentication
CILogon enables greater access to cyberinfrastructure (CI) using higher level of assurance credentials from InCommon identity providers. A 2009 technical report (pdf) provided an early mapping from InCommon Bronze and Silver to International Grid Trust Federation (IGTF) requirements. Many CI providers around the world, such as TeraGrid, Open Science Grid, and the LHC Computing Grid rely on IGTF standards. The CILogon Silver CA is an IGTF accredited service that is ready to provide IGTF compliant certificates to researchers based on their InCommon Silver credentials, once InCommon members have been certified at the Silver level. The Roadmap for Using NSF Cyberinfrastructure with InCommon provides additional information about the value of campus authentication (via InCommon) to CI, including the role of the CILogon service.
The InCommon Federation Manager (FM) and the InCommon Certificate Manager (CM) are two high-profile web applications that require strong authentication (but not necessarily Silver). An analysis of the assurance requirements of the FM and the CM indicates the need for an assurance profile that rationalizes Bronze requirements in the presence of two-factor authentication.
Participant organizations have provided the content described on this page. Using these practices does not guarantee certification in the InCommon Assurance Program.